Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/ik7u88vvQure_hmyfv2aPlBN51g.roa
File: ik7u88vvQure_hmyfv2aPlBN51g.roa (raw, json)
Hash identifier: Za5igbseCwEjO0FVNgJPI4UYbQ+lIai1c6CapUYIbzA=
Subject key identifier: 8A:4E:EE:F3:CB:EF:42:EA:DE:FE:19:B2:7E:FD:9A:3E:50:4D:E7:58
Certificate issuer: /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial: 019CF8B52F3E3EA9BCF56BFF297B76218F45
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/ik7u88vvQure_hmyfv2aPlBN51g.roa
Signing time: Mon 16 Mar 2026 22:12:29 +0000
ROA not before: Mon 16 Mar 2026 22:12:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201364
IP address blocks: 80.93.220.0/24 maxlen: 24
217.195.195.0/24 maxlen: 24
2a05:3040::/29 maxlen: 29
2a05:3040::/32 maxlen: 32
2a05:3041::/32 maxlen: 32
2a05:3042::/32 maxlen: 32
2a05:3043::/32 maxlen: 32
2a05:3044::/32 maxlen: 32
2a05:3045::/32 maxlen: 32
2a05:3046::/32 maxlen: 32
2a05:3047::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f8:b5:2f:3e:3e:a9:bc:f5:6b:ff:29:7b:76:21:8f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Validity
Not Before: Mar 16 22:12:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a4eeef3cbef42eadefe19b27efd9a3e504de758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6c:7b:12:79:bf:1f:ed:72:bf:e8:32:c1:b6:
87:72:7b:5a:e6:de:e4:df:ed:ac:68:69:9b:58:99:
14:bf:47:78:a4:19:b7:60:4e:92:6f:77:0a:11:30:
11:3b:28:1a:71:6c:e0:c9:d6:55:28:ce:5c:61:2f:
05:f1:85:32:ae:76:8d:97:bc:8b:ce:3d:db:6c:1c:
da:ea:6c:44:ef:17:89:bb:c9:3a:38:e6:22:6a:d7:
97:b2:0d:bd:a1:cd:02:c3:e0:33:94:aa:cf:88:2d:
3c:1a:38:89:2c:5b:1a:91:48:5a:38:4d:db:47:10:
1b:4b:34:40:d7:a3:a1:1d:fb:f8:b6:8f:0a:c7:e2:
4b:21:c2:60:ee:6d:7f:30:13:04:1d:a5:eb:54:f8:
b0:6e:2d:ae:7c:c6:cb:a8:d7:3f:68:40:34:18:c5:
6b:87:2a:51:15:18:4c:79:7a:34:a2:0f:96:95:b7:
5a:40:37:c2:02:94:98:2b:50:9b:6e:b5:dd:40:8d:
56:8b:19:54:7b:06:60:32:3d:d2:a8:ae:14:91:22:
37:82:38:98:aa:81:1c:a5:74:99:2e:90:fa:4b:9e:
fe:f3:43:18:ce:a8:08:f5:66:66:1b:5b:8a:f6:bc:
b1:4d:a5:7f:83:20:10:54:18:0b:cc:9f:9c:19:13:
0a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4E:EE:F3:CB:EF:42:EA:DE:FE:19:B2:7E:FD:9A:3E:50:4D:E7:58
X509v3 Authority Key Identifier:
keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/ik7u88vvQure_hmyfv2aPlBN51g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.220.0/24
217.195.195.0/24
IPv6:
2a05:3040::/29
Signature Algorithm: sha256WithRSAEncryption
3c:4e:7f:d9:83:ab:bf:cd:95:a3:fb:54:00:0a:fa:49:8f:e1:
64:9c:c8:5d:4f:26:24:96:9e:fd:e4:dd:20:09:e3:5a:ee:c3:
df:32:2a:85:f4:f0:9e:70:55:87:65:e9:d1:af:5c:59:67:20:
ae:4a:e5:c4:b5:d3:b7:8a:36:27:07:66:90:41:4c:5b:54:ea:
c2:65:e7:b8:7d:7a:35:47:e2:d1:ba:3d:4a:ba:e8:53:c4:66:
4d:78:b2:b8:85:a9:a2:42:12:45:0b:19:42:84:a9:c7:06:e4:
9f:0b:3d:51:72:c4:1b:dc:25:09:0e:67:a1:bb:38:95:b9:12:
cd:5a:54:6d:ee:8f:43:71:f7:92:26:78:c9:45:e6:7e:30:07:
2e:16:e5:06:67:c1:70:6b:c6:8d:24:05:cf:d4:23:2d:15:91:
82:40:7b:ac:7e:24:68:f4:32:6b:b5:f0:01:37:22:a6:c5:f4:
5e:5c:d9:96:30:4f:1a:8b:8e:6d:7b:fd:a1:ff:98:ce:07:15:
6b:b5:70:4f:97:b3:38:6d:41:f5:a2:1d:d9:32:bc:64:5c:23:
17:1d:b2:c1:e6:9e:74:79:82:4b:5c:b9:37:5f:be:4d:8c:93:
e5:83:4a:00:c6:a1:48:7d:f8:ae:28:2a:c1:1f:00:67:50:b6:
72:74:6e:d8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZz4tS8+Pqm89Wv/KXt2IY9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MjBlYWRiMmUxNTYyYjRlMmU0ZjQ4MDc3MmMzNjg4N2E3
NzdmMjQwHhcNMjYwMzE2MjIxMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRlZWVmM2NiZWY0MmVhZGVmZTE5YjI3ZWZkOWEzZTUwNGRlNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmx7Enm/H+1yv+gywbaHcnta5t7k
3+2saGmbWJkUv0d4pBm3YE6Sb3cKETAROygacWzgydZVKM5cYS8F8YUyrnaNl7yL
zj3bbBza6mxE7xeJu8k6OOYiateXsg29oc0Cw+AzlKrPiC08GjiJLFsakUhaOE3b
RxAbSzRA16OhHfv4to8Kx+JLIcJg7m1/MBMEHaXrVPiwbi2ufMbLqNc/aEA0GMVr
hypRFRhMeXo0og+WlbdaQDfCApSYK1CbbrXdQI1WixlUewZgMj3SqK4UkSI3gjiY
qoEcpXSZLpD6S57+80MYzqgI9WZmG1uK9ryxTaV/gyAQVBgLzJ+cGRMKxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIpO7vPL70Lq3v4Zsn79mj5QTedYMB8GA1UdIwQY
MBaAFAYg6tsuFWK04uT0gHcsNoh6d38kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmlEcTJ5NFZZclRpNVBTQWR5dzJpSHAzZnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jYzhiZmEtMmIxMy00Njc0LWE5ODQt
YTVmZGI1NzBmZTlhLzEvaWs3dTg4dnZRdXJlX2hteWZ2MmFQbEJONTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jYzhiZmEtMmIxMy00Njc0LWE5ODQtYTVmZGI1NzBmZTlh
LzEvQmlEcTJ5NFZZclRpNVBTQWR5dzJpSHAzZnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUF3cAwQA
2cPDMA0EAgACMAcDBQMqBTBAMA0GCSqGSIb3DQEBCwUAA4IBAQA8Tn/Zg6u/zZWj
+1QACvpJj+FknMhdTyYklp795N0gCeNa7sPfMiqF9PCecFWHZenRr1xZZyCuSuXE
tdO3ijYnB2aQQUxbVOrCZee4fXo1R+LRuj1KuuhTxGZNeLK4hamiQhJFCxlChKnH
BuSfCz1RcsQb3CUJDmehuziVuRLNWlRt7o9DcfeSJnjJReZ+MAcuFuUGZ8Fwa8aN
JAXP1CMtFZGCQHusfiRo9DJrtfABNyKmxfReXNmWME8ai45te/2h/5jOBxVrtXBP
l7M4bUH1oh3ZMrxkXCMXHbLB5p50eYJLXLk3X75NjJPlg0oAxqFIffiuKCrBHwBn
ULZydG7Y
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:07:14 2026 by rpki-client